writeup: faustctf 2018: jodlgang - sigflag1. application overview uwsgi: web server gateway...

Report

Post on 10-Aug-2020

0 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

Writeup: FaustCTF 2018: Jodlgang

Student: Markus VoglTeam: SIGFLAG.atUni: JKU LinzInstitute: Institute for Network and SecuritySponsor:VACE

https://www.sigflag.at/
https://www.jku.at/
https://ins.jku.at/
https://www.vace.at/
https://www.sigflag.at/

Overview

01 Application Overview02 Problem analysis03 Machine Learning: VGG1604 The stupid solution05 The smart solution

1. Application Overview

1. Application Overview

● UWSGI: Web Server Gateway Interface● Django Webapp on port 8000

● Bootstrap CSS + JS + html templates● Virtual python env + separate user

● No easy cross service attacks● SQLite DB● Tensorwow

● Numpy implementation of Tensorflow● 500MB .h5 pretrained model

1. Application Overview: Database

2. Problem analysis: backends.py

2. Problem analysis

● Login with one of of 530 known emails● “Password” is an image

– Must be (cnn.input_width * cnn.input_width * 3)– So: 224 x 224 x 3 = square RGB

● Cnn.inference(face)– Argmax– must be >0.5

2. Problem Analysis: Model

2. Problem Analysis: Model #2

Wait a second….

3. Machine Learning: VGG

3. Machine Learning: Softmax

3. ML – The softmax issue

● Does this mean….File: potato.jpg User: Helena Döring Prob: 0.63

File: bitconnect_dude.jpg User: Marlene Schuster Prob: 0.51

File: trump.jpg User: Paula Hahn Prob: 0.99

File: bitcoin.jpg User: Pia Ingerfurth Prob: 0.35

3. Machine Learning: CelebA Dataset

● Right: User: Theo-Fuchs.jpg fromnetwork traffic (user 60)

● Bottom: CelebA– 200k images– 10k identities– 178 × 218 px

4. The stupid solution

1.Take random CelebA image

2.Feed it to pretrained model

3.Get classifications → Same for every team

4.If max(classifications) > 50% → JACKPOT

5.Save as id = argmax(classifications)

6.Repeat on many computers, merge images

7.Try every image-ID on every team, because you forget Theo is #60 and you are team #60Now they dump your traffic and reuse your images

4. The stupid solution: Code

5. The smart solution

● Import weights into Keras/Tensorflow like a sane person → get x100 speedup on GPU

● Use a pretrained optimizer to maximize the class of a given output: “Activation maximization”

● Get trippy images like this.● Read “How convolutional

neural nets see the world”to understand why

https://github.com/raghakot/keras-vis/blob/master/vis/visualization/activation_maximization.py
https://blog.keras.io/how-convolutional-neural-networks-see-the-world.html
https://blog.keras.io/how-convolutional-neural-networks-see-the-world.html

top related

webcamp 2016: python_Кирилл Перевозчиков...
Technology
servlet - webapp
Documents
pcori final writeup
Business
simple webapps with nginx, uwsgi emperor and bottle
Technology
webapp on aws
Software
msp writeup
Documents
bluefin writeup
Documents
lockheed case writeup
Documents
maggi writeup
Automotive
sullivan writeup
Documents
recruitment writeup
Documents
replication - writeup
Documents
brighton seo writeup
Technology
hz writeup
Documents
uninett webapp park
Technology
ifrs writeup
Documents
webapp development
Documents
desalination writeup
Documents
progressive webapp : review
Documents
website writeup
Documents